London HIV Clinic faces legal action for data breach of 780 patients’ identities

The names and addresses of 780 HIV patients were mistakenly leaked by the 56 Dean Street in Central London last week. The clinic’s spokesman has acknowledged the incident, stating that a staff member of the clinic had mistakenly encoded the personal details of the HIV patients via the “To” section rather than the anonymous blind-copy. Thus, instead of hiding the personal details of those on its recipient list, it exposed their full names and email addresses.

Dr. Alawn McOwan, sexual health director of the clinic, assured those affected that they will take the necessary steps to make sure that a similar incident will never happen again. McOwan further stated that the email was recalled and deleted as soon as the error was uncovered. They are now urgently doing an investigation of the mishap and assured the public of its non-recurrence.

Still, patients whose identities have been compromised have been highly affected by the incident. A 40-year-old public sector worker who has been HIV positive for 13 years had reportedly stated that he could not breathe when he saw the email, the BBC reported. The patient is concerned with the possibility of the information falling into the wrong hands.

That said, the injured parties are now seeking legal action for the damages that they have sustained with the clinic’s erroneous behavior. Sean Humber, lawyer of the numerou patient-victims, said that the clinic’s top priority must now be to limit the wider disclosure of the divulged information, The Guardian reported. He stated that the clinic will inevitably face very many compensation claims as a result of the disclosure of highly sensitive information.

Hours after the unfortunate incident happened, health secretary Jeremy Hunt announced plans of having the National Health Secretary patients’ medical records online within 12 months, with hospital notes to follow by 2018. He said that having the records accessible online, will empower the patients who opt to see test results, prescriptions and doctors’ notes at the click of a button, and even upload data from devices such as fitness wristbands. However, following the incident, he added that they would be willing to bin the idea if they are going to lose the public’s trust for inability to secure personal data of their clients.